Summary
CentOS 7.3
Nginx 1.11.7
PHP 7.0.14
MariaDB 5.5.52
WordPress 4.7
Basic Linux setup (root)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 |
[root@tk2-201-10103 ~]# yum update [root@tk2-201-10103 ~]# yum install wget vim zsh tree bc sysstat tmux [root@tk2-201-10103 ~]# localectl status System Locale: LANG=C VC Keymap: jp106 X11 Layout: jp [root@tk2-201-10103 ~]# localectl set-locale LANG=en_US.UTF-8 [root@tk2-201-10103 ~]# localectl status System Locale: LANG=en_US.UTF-8 VC Keymap: jp106 X11 Layout: jp [root@tk2-201-10103 ~]# passwd Changing password for user root. New password: Retype new password: passwd: all authentication tokens updated successfully. [root@tk2-201-10103 ~]# cp -vip /etc/login.defs{,.org} '/etc/login.defs' -> '/etc/login.defs.org' [root@tk2-201-10103 ~]# sed -i 's@UMASK 022@UMASK 077@' /etc/login.defs [root@tk2-201-10103 ~]# diff -C 1 /etc/login.defs{,.org} [root@tk2-201-10103 ~]# useradd -m hidepiy [root@tk2-201-10103 ~]# passwd hidepiy Changing password for user hidepiy. New password: Retype new password: passwd: all authentication tokens updated successfully. [root@tk2-201-10103 ~]# cat << SUDOERS_CONF >> /etc/sudoers.d/hidepiy > > User_Alias ADMIN = hidepiy > > ADMIN ALL = /bin/su, /bin/su - > > SUDOERS_CONF [root@tk2-201-10103 ~]# chmod 0440 /etc/sudoers.d/hidepiy [root@tk2-201-10103 ~]# mkdir -vpm 775 /usr/local/hidepiy mkdir: created directory '/usr/local/hidepiy' [root@tk2-201-10103 ~]# chown -v hidepiy:hidepiy /usr/local/hidepiy changed ownership of '/usr/local/hidepiy' from root:root to hidepiy:hidepiy [root@tk2-201-10103 ~]# cp -vip /etc/ssh/sshd_config{,.org} '/etc/ssh/sshd_config' -> '/etc/ssh/sshd_config.org' [root@tk2-201-10103 ~]# sed -i -e 's@#Port 22@#Port 22\ > Port 10022@' -e 's@#PermitRootLogin yes@PermitRootLogin no@' /etc/ssh/sshd_config [root@tk2-201-10103 ~]# diff -C 1 /etc/ssh/sshd_config{,.org} *** /etc/ssh/sshd_config Mon Dec 26 02:46:26 2016 --- /etc/ssh/sshd_config.org Wed Sep 14 10:22:43 2016 *************** *** 17,19 **** #Port 22 - Port 10022 #AddressFamily any --- 17,18 ---- *************** *** 49,51 **** #LoginGraceTime 2m ! PermitRootLogin no #StrictModes yes --- 48,50 ---- #LoginGraceTime 2m ! #PermitRootLogin yes #StrictModes yes [root@tk2-201-10103 ~]# service sshd restart Redirecting to /bin/systemctl restart sshd.service [root@tk2-201-10103 ~]# firewall-cmd --add-port=10022/tcp success [root@tk2-201-10103 ~]# firewall-cmd --permanent --add-port=10022/tcp success [root@tk2-201-10103 ~]# firewall-cmd --list-ports 10022/tcp [root@tk2-201-10103 ~]# firewall-cmd --add-service=http success [root@tk2-201-10103 ~]# firewall-cmd --permanent --add-service=http success [root@tk2-201-10103 ~]# firewall-cmd --list-services dhcpv6-client ssh http [root@tk2-201-10103 ~]# hostname hidepiy.com [root@tk2-201-10103 ~]# cp -vip /etc/hostname{,.ori} '/etc/hostname' -> '/etc/hostname.ori' [root@tk2-201-10103 ~]# sed -i 's@localhost.localdomain@hidepiy.com@' /etc/hostname [root@tk2-201-10103 ~]# diff -C 1 /etc/hostname{,.ori} *** /etc/hostname Mon Dec 26 02:51:04 2016 --- /etc/hostname.ori Tue Nov 1 18:05:18 2016 *************** *** 1 **** ! hidepiy.com \ No newline at end of file --- 1 ---- ! localhost.localdomain \ No newline at end of file [root@tk2-201-10103 ~]# /etc/rc.d/init.d/network restart Restarting network (via systemctl): [ OK ] [root@tk2-201-10103 ~]# systemctl restart network |
common
1 2 3 4 5 6 |
[hidepiy@hidepiy ~]$ mkdir -vp /usr/local/hidepiy/{download,tool} mkdir: created directory ‘/usr/local/hidepiy/download’ mkdir: created directory ‘/usr/local/hidepiy/tool’ [hidepiy@hidepiy ~]$ cd /usr/local/hidepiy [hidepiy@hidepiy hidepiy]$ ln -sv tool tools ‘tools’ -> ‘tool’ |
dotfiles
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
[hidepiy@hidepiy ~]$ git clone https://hidepiy@bitbucket.org/hidepiy/dots.git [hidepiy@hidepiy ~]$ /bin/bash ~/dots/init.sh ln -sv /home/hidepiy/dots/tmux.conf ~/.tmux.conf ‘/home/hidepiy/.tmux.conf’ -> ‘/home/hidepiy/dots/tmux.conf’ ~/.zshrc already exists!!! ln -sv /home/hidepiy/dots/vimrc ~/.vimrc ‘/home/hidepiy/.vimrc’ -> ‘/home/hidepiy/dots/vimrc’ ln -sv /home/hidepiy/dots/vim ~/.vim ‘/home/hidepiy/.vim’ -> ‘/home/hidepiy/dots/vim’ ln -sv /home/hidepiy/dots/gvimrc ~/.gvimrc ‘/home/hidepiy/.gvimrc’ -> ‘/home/hidepiy/dots/gvimrc’ git submodule init Submodule 'vim/bundle/neobundle.vim' (https://github.com/Shougo/neobundle.vim) registered for path 'vim/bundle/neobundle.vim' git submodule update Cloning into 'vim/bundle/neobundle.vim'... remote: Counting objects: 9216, done. remote: Total 9216 (delta 0), reused 0 (delta 0), pack-reused 9216 Receiving objects: 100% (9216/9216), 2.25 MiB | 1.09 MiB/s, done. Resolving deltas: 100% (4468/4468), done. Submodule path 'vim/bundle/neobundle.vim': checked out '9a69b56f24f31cc4e4592f44f03d2fdb8dea92b3' Error detected while processing /home/hidepiy/.vimrc: line 117: E185: Cannot find color scheme 'wombat256mod' Press ENTER or type command to continue [hidepiy@hidepiy ~]$ which zsh /bin/zsh [hidepiy@hidepiy ~]$ chsh Changing shell for hidepiy. New shell [/bin/bash]: /bin/zsh Password: Shell changed. |
zshrc
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
cat << 'ZSHPATH' >> ${HOME}/.zshrc export SHELL=/bin/zsh export COM_DIR=/usr/local/hidepiy export TOOL_HOME=${COM_DIR}/tool PATH=${TOOL_HOME}/bin:${PATH} export JAVA_HOME=${COM_DIR}/jdk export MAVEN_HOME=${COM_DIR}/maven PATH=${JAVA_HOME}/bin:${MAVEN_HOME}/bin:${PATH} export RBENV_DIR=${COM_DIR}/rbenv export RBENV_ROOT=${COM_DIR}/rbenv PATH=${RBENV_DIR}/bin:${PATH} export PATH eval "$(rbenv init -)" ZSHPATH zsh |
JDK & Maven
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
hidepiy@hidepiy /home/hidepiy% cd /usr/local/hidepiy/download hidepiy@hidepiy /usr/local/hidepiy/download% wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u112-b15/jdk-8u112-linux-x64.tar.gz hidepiy@hidepiy /usr/local/hidepiy/download% tar fxvz jdk-8u112-linux-x64.tar.gz hidepiy@hidepiy /usr/local/hidepiy/download% mv -vi jdk1.8.0_112 /usr/local/hidepiy/ ‘jdk1.8.0_112’ -> ‘/usr/local/hidepiy/jdk1.8.0_112’ hidepiy@hidepiy /usr/local/hidepiy/download% cd /usr/local/hidepiy/ hidepiy@hidepiy /usr/local/hidepiy% ln -sv jdk1.8.0_112 jdk ‘jdk’ -> ‘jdk1.8.0_112’ hidepiy@hidepiy /usr/local/hidepiy% /usr/local/hidepiy/jdk/bin/java -version java version "1.8.0_112" Java(TM) SE Runtime Environment (build 1.8.0_112-b15) Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode) hidepiy@hidepiy /usr/local/hidepiy% mkdir -vp /usr/local/hidepiy/download hidepiy@hidepiy /usr/local/hidepiy% cd /usr/local/hidepiy hidepiy@hidepiy /usr/local/hidepiy% wget http://ftp.meisei-u.ac.jp/mirror/apache/dist/maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.tar.gz hidepiy@hidepiy /usr/local/hidepiy% tar fvxz apache-maven-3.3.9-bin.tar.gz hidepiy@hidepiy /usr/local/hidepiy% ln -vs apache-maven-3.3.9 maven ‘maven’ -> ‘apache-maven-3.3.9’ hidepiy@hidepiy /usr/local/hidepiy% mv -vi apache-maven-3.3.9-bin.tar.gz download ‘apache-maven-3.3.9-bin.tar.gz’ -> ‘download/apache-maven-3.3.9-bin.tar.gz’ |
Ruby
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
hidepiy@hidepiy /usr/local/hidepiy% RBENV_DIR=/usr/local/hidepiy/rbenv; echo ${RBENV_DIR} /usr/local/hidepiy/rbenv hidepiy@hidepiy /usr/local/hidepiy% git clone https://github.com/sstephenson/rbenv.git ${RBENV_DIR} hidepiy@hidepiy /usr/local/hidepiy% mkdir -vp ${RBENV_DIR}/{shims,versions,plugins} mkdir: created directory ‘/usr/local/hidepiy/rbenv/shims’ mkdir: created directory ‘/usr/local/hidepiy/rbenv/versions’ mkdir: created directory ‘/usr/local/hidepiy/rbenv/plugins’ hidepiy@hidepiy /usr/local/hidepiy% git clone https://github.com/sstephenson/ruby-build.git ${RBENV_DIR}/plugins/ruby-build hidepiy@hidepiy /usr/local/hidepiy% PREFIX=/usr/local/hidepiy/rbenv ${RBENV_DIR}/plugins/ruby-build/install.sh hidepiy@hidepiy /usr/local/hidepiy% zsh hidepiy@hidepiy /usr/local/hidepiy% rbenv -v rbenv 1.1.0-2-g4f8925a hidepiy@hidepiy /usr/local/hidepiy% rbenv install -l hidepiy@hidepiy /usr/local/hidepiy% rbenv install 2.4.0 Downloading ruby-2.4.0.tar.bz2... -> https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.0.tar.bz2 Installing ruby-2.4.0... Installed ruby-2.4.0 to /usr/local/hidepiy/rbenv/versions/2.4.0 hidepiy@hidepiy /usr/local/hidepiy% rbenv versions 2.4.0 hidepiy@hidepiy /usr/local/hidepiy% rbenv global 2.4.0 hidepiy@hidepiy /usr/local/hidepiy% rbenv rehash hidepiy@hidepiy /usr/local/hidepiy% rbenv version 2.4.0 (set by /usr/local/hidepiy/rbenv/version) hidepiy@hidepiy /usr/local/hidepiy% which ruby /usr/local/hidepiy/rbenv/shims/ruby hidepiy@hidepiy /usr/local/hidepiy% ruby -v ruby 2.4.0p0 (2016-12-24 revision 57164) [x86_64-linux] hidepiy@hidepiy /usr/local/hidepiy% gem search -rd fluentd hidepiy@hidepiy /usr/local/hidepiy% gem install fluentd hidepiy@hidepiy /usr/local/hidepiy% fluentd --version fluentd 0.14.10 hidepiy@hidepiy /usr/local/hidepiy% FLUENT_DIR=/usr/local/hidepiy/fluentd; echo ${FLUENT_DIR} /usr/local/hidepiy/fluentd hidepiy@hidepiy /usr/local/hidepiy% fluentd --setup ${FLUENT_DIR}/conf Installed /usr/local/hidepiy/fluentd/conf/fluent.conf. hidepiy@hidepiy /usr/local/hidepiy% mkdir -vp ${FLUENT_DIR}/logs mkdir: created directory ‘/usr/local/hidepiy/fluentd/logs’ hidepiy@hidepiy /usr/local/hidepiy% fluentd -c ${FLUENT_DIR}/conf/fluent.conf hidepiy@hidepiy /usr/local/hidepiy% fluent-gem install fluent-plugin-mongokpi |
Nginx (root)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
[root@hidepiy ~]# yum install readline-devel zlib-devel gd gd-devel gcc pcre pcre-devel openssl openssl-devel [root@hidepiy ~]# mkdir -vp /usr/local/hidepiy/download/ mkdir: created directory ‘/usr/local/hidepiy/download/’ [root@hidepiy ~]# cd /usr/local/hidepiy/download/ [root@hidepiy download]# wget https://nginx.org/download/nginx-1.11.7.tar.gz [root@hidepiy download]# tar fvxz nginx-1.11.7.tar.gz [root@hidepiy download]# cd nginx-1.11.7/ [root@hidepiy nginx-1.11.7]# ./configure --with-http_image_filter_module [root@hidepiy nginx-1.11.7]# make [root@hidepiy nginx-1.11.7]# make install [root@hidepiy nginx-1.11.7]# /usr/local/nginx/sbin/nginx -V nginx version: nginx/1.11.7 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC) configure arguments: --with-http_image_filter_module [root@hidepiy nginx-1.11.7]# vi /etc/init.d/nginx https://www.nginx.com/resources/wiki/start/topics/examples/redhatnginxinit/ [root@hidepiy nginx-1.11.7]# chmod 755 /etc/rc.d/init.d/nginx [root@hidepiy nginx-1.11.7]# chkconfig nginx on [root@hidepiy nginx-1.11.7]# service nginx start Starting nginx (via systemctl): [ OK ] |
conf/nginx.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
user hidepiy; worker_processes 2; pid logs/nginx.pid; events { worker_connections 1024; } http { server_tokens off; include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format ltsv 'time:$time_iso8601\t' 'remote_addr:$remote_addr\t' 'request_method:$request_method\t' 'request_length:$request_length\t' 'request_uri:$request_uri\t' 'https:$https\t' 'uri:$uri\t' 'query_string:$query_string\t' 'status:$status\t' 'bytes_sent:$bytes_sent\t' 'body_bytes_sent:$body_bytes_sent\t' 'referer:$http_referer\t' 'useragent:$http_user_agent\t' 'forwardedfor:$http_x_forwarded_for\t' 'request_time:$request_time\t' 'upstream_response_time:$upstream_response_time'; sendfile on; #tcp_nopush on; keepalive_timeout 65; gzip on; include conf.d/*.conf; } |
conf/conf.d/
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
server { listen 6109.hidepiy.com:80; server_name 6109.hidepiy.com; root /usr/local/hidepiy/wordpress; index index.php; access_log logs/6109.access.log ltsv; try_files $uri $uri/ /index.php?q=$uri&$args; location ~* /wp-config.php { deny all; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_script_name; include fastcgi_params; } } |
PHP (root)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
[root@hidepiy ~]# yum install epel-release [root@hidepiy ~]# rpm --import http://rpms.famillecollet.com/RPM-GPG-KEY-remi [root@hidepiy ~]# rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm Retrieving http://rpms.famillecollet.com/enterprise/remi-release-7.rpm Preparing... ################################# [100%] Updating / installing... 1:remi-release-7.2-1.el7.remi ################################# [100%] [root@hidepiy ~]# yum install --enablerepo=epel,remi-php70 php php-mbstring php-pear php-fpm php-mcrypt php-mysql [root@hidepiy ~]# php -v PHP 7.0.14 (cli) (built: Dec 7 2016 10:15:15) ( NTS ) Copyright (c) 1997-2016 The PHP Group Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies [root@hidepiy ~]# cp -vip /etc/php-fpm.d/www.conf{,.ori} ‘/etc/php-fpm.d/www.conf’ -> ‘/etc/php-fpm.d/www.conf.ori’ [root@hidepiy ~]# diff -C 1 /etc/php-fpm.d/www.conf{,.ori} *** /etc/php-fpm.d/www.conf 2016-12-26 18:34:23.447998410 +0900 --- /etc/php-fpm.d/www.conf.ori 2016-12-07 18:18:09.000000000 +0900 *************** *** 23,27 **** ; RPM: apache Choosed to be able to access some dir as httpd ! user = hidepiy ; RPM: Keep a group allowed to write in log dir. ! group = hidepiy --- 23,27 ---- ; RPM: apache Choosed to be able to access some dir as httpd ! user = apache ; RPM: Keep a group allowed to write in log dir. ! group = apache [root@hidepiy ~]# systemctl start php-fpm [root@hidepiy ~]# systemctl enable php-fpm Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service. |
MariaDB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
[root@hidepiy ~]# yum install mariadb mariadb-server [root@hidepiy ~]# systemctl start mariadb [root@hidepiy ~]# systemctl enable mariadb Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service. [root@hidepiy ~]# mysql_secure_installation Enter current password for root (enter for none): ... Set root password? [Y/n] Y New password: Re-enter new password: ... Remove anonymous users? [Y/n] Y ... Disallow root login remotely? [Y/n] Y ... Remove test database and access to it? [Y/n] Y ... Reload privilege tables now? [Y/n] Y ... Thanks for using MariaDB! [root@hidepiy ~]# cp -vip /etc/my.cnf.d/server.cnf{,.ori} ‘/etc/my.cnf.d/server.cnf’ -> ‘/etc/my.cnf.d/server.cnf.ori’ [root@hidepiy ~]# vi /etc/my.cnf.d/server.cnf [root@hidepiy ~]# diff -C 1 /etc/my.cnf.d/server.cnf{,.ori} *** /etc/my.cnf.d/server.cnf 2016-12-26 19:04:14.050171605 +0900 --- /etc/my.cnf.d/server.cnf.ori 2016-09-12 23:54:58.000000000 +0900 *************** *** 12,14 **** [mysqld] - character-set-server = utf8 --- 12,13 ---- |
WordPress
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
hidepiy@hidepiy /home/hidepiy% mysql -u root -p Enter password: MariaDB [(none)]> CREATE DATABASE wordpress; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON wordpress.* TO "wordpress"@"localhost" IDENTIFIED BY "password"; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> exit; Bye hidepiy@hidepiy /home/hidepiy% cd /usr/local/hidepiy/download/ hidepiy@hidepiy /usr/local/hidepiy/download% wget https://wordpress.org/latest.tar.gz hidepiy@hidepiy /usr/local/hidepiy/download% tar fvxz latest.tar.gz hidepiy@hidepiy /usr/local/hidepiy/download% mv wordpress /usr/local/hidepiy/ hidepiy@hidepiy /usr/local/hidepiy/download% cd /usr/local/hidepiy/wordpress hidepiy@hidepiy /usr/local/hidepiy/wordpress% cp -vip wp-config-sample.php wp-config.php ‘wp-config-sample.php’ -> ‘wp-config.php’ hidepiy@hidepiy /usr/local/hidepiy/wordpress% vi wp-config.php hidepiy@hidepiy /usr/local/hidepiy/wordpress% diff -C 1 wp-config{,-sample}.php *** wp-config.php 2016-12-26 19:23:04.843243451 +0900 --- wp-config-sample.php 2015-12-16 18:58:26.000000000 +0900 *************** *** 22,30 **** /** The name of the database for WordPress */ ! define('DB_NAME', 'wordpress'); /** MySQL database username */ ! define('DB_USER', 'wordpress'); /** MySQL database password */ ! define('DB_PASSWORD', 'password'); --- 22,30 ---- /** The name of the database for WordPress */ ! define('DB_NAME', 'database_name_here'); /** MySQL database username */ ! define('DB_USER', 'username_here'); /** MySQL database password */ ! define('DB_PASSWORD', 'password_here'); |